Example 1 with Extensions
use of org.opensaml.saml.saml2.metadata.Extensions in project cas by apereo.
the class MetadataUIUtils method locateMetadataUserInterfaceForEntityId.
/**
* Locate mdui for entity id simple metadata ui info.
*
* @param entityDescriptor the entity descriptor
* @param entityId the entity id
* @param registeredService the registered service
* @return the simple metadata ui info
*/
public static SamlMetadataUIInfo locateMetadataUserInterfaceForEntityId(final EntityDescriptor entityDescriptor, final String entityId, final RegisteredService registeredService) {
final SamlMetadataUIInfo mdui = new SamlMetadataUIInfo(registeredService);
if (entityDescriptor == null) {
LOGGER.debug("Entity descriptor not found for [{}]", entityId);
return mdui;
}
final SPSSODescriptor spssoDescriptor = getSPSsoDescriptor(entityDescriptor);
if (spssoDescriptor == null) {
LOGGER.debug("SP SSO descriptor not found for [{}]", entityId);
return mdui;
}
final Extensions extensions = spssoDescriptor.getExtensions();
if (extensions == null) {
LOGGER.debug("No extensions in the SP SSO descriptor are found for [{}]", UIInfo.DEFAULT_ELEMENT_NAME.getNamespaceURI());
return mdui;
}
final List<XMLObject> spExtensions = extensions.getUnknownXMLObjects(UIInfo.DEFAULT_ELEMENT_NAME);
if (spExtensions.isEmpty()) {
LOGGER.debug("No extensions in the SP SSO descriptor are located for [{}]", UIInfo.DEFAULT_ELEMENT_NAME.getNamespaceURI());
return mdui;
}
spExtensions.stream().filter(UIInfo.class::isInstance).forEach(obj -> {
final UIInfo uiInfo = (UIInfo) obj;
LOGGER.debug("Found MDUI info for [{}]", entityId);
mdui.setUIInfo(uiInfo);
});
return mdui;
}
Also used :
SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor)
UIInfo(org.opensaml.saml.ext.saml2mdui.UIInfo)
XMLObject(org.opensaml.core.xml.XMLObject)
Extensions(org.opensaml.saml.saml2.metadata.Extensions)
Example 2 with Extensions
use of org.opensaml.saml.saml2.metadata.Extensions in project pac4j by pac4j.
the class SAML2MetadataGenerator method generateMetadataExtensions.
protected final Extensions generateMetadataExtensions() {
final SAMLObjectBuilder<Extensions> builderExt = (SAMLObjectBuilder<Extensions>) this.builderFactory.getBuilder(Extensions.DEFAULT_ELEMENT_NAME);
final Extensions extensions = builderExt.buildObject();
extensions.getNamespaceManager().registerAttributeName(DigestMethod.TYPE_NAME);
final SAMLObjectBuilder<DigestMethod> builder = (SAMLObjectBuilder<DigestMethod>) this.builderFactory.getBuilder(DigestMethod.DEFAULT_ELEMENT_NAME);
DigestMethod method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2001/04/xmlenc#sha512");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2001/04/xmldsig-more#sha384");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2001/04/xmlenc#sha256");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2001/04/xmldsig-more#sha224");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha512");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha384");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
extensions.getUnknownXMLObjects().add(method);
method = builder.buildObject();
method.setAlgorithm("http://www.w3.org/2000/09/xmldsig#dsa-sha1");
extensions.getUnknownXMLObjects().add(method);
return extensions;
}
Also used :
SAMLObjectBuilder(org.opensaml.saml.common.SAMLObjectBuilder)
DigestMethod(org.opensaml.saml.ext.saml2alg.DigestMethod)
Extensions(org.opensaml.saml.saml2.metadata.Extensions)
Example 3 with Extensions
use of org.opensaml.saml.saml2.metadata.Extensions in project pac4j by pac4j.
the class SAML2MetadataGenerator method buildSPSSODescriptor.
protected final SPSSODescriptor buildSPSSODescriptor() {
final SAMLObjectBuilder<SPSSODescriptor> builder = (SAMLObjectBuilder<SPSSODescriptor>) this.builderFactory.getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
final SPSSODescriptor spDescriptor = builder.buildObject();
spDescriptor.setAuthnRequestsSigned(this.authnRequestSigned);
spDescriptor.setWantAssertionsSigned(this.wantAssertionSigned);
spDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
spDescriptor.addSupportedProtocol(SAMLConstants.SAML10P_NS);
spDescriptor.addSupportedProtocol(SAMLConstants.SAML11P_NS);
final SAMLObjectBuilder<Extensions> builderExt = (SAMLObjectBuilder<Extensions>) this.builderFactory.getBuilder(Extensions.DEFAULT_ELEMENT_NAME);
final Extensions extensions = builderExt.buildObject();
extensions.getNamespaceManager().registerAttributeName(RequestInitiator.DEFAULT_ELEMENT_NAME);
final SAMLObjectBuilder<RequestInitiator> builderReq = (SAMLObjectBuilder<RequestInitiator>) this.builderFactory.getBuilder(RequestInitiator.DEFAULT_ELEMENT_NAME);
final RequestInitiator requestInitiator = builderReq.buildObject();
requestInitiator.setLocation(this.requestInitiatorLocation);
requestInitiator.setBinding(RequestInitiator.DEFAULT_ELEMENT_NAME.getNamespaceURI());
extensions.getUnknownXMLObjects().add(requestInitiator);
spDescriptor.setExtensions(extensions);
spDescriptor.getNameIDFormats().addAll(buildNameIDFormat());
int index = 0;
// Fix the POST binding for the response instead of using the binding of the request
spDescriptor.getAssertionConsumerServices().add(getAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI, index++, this.defaultACSIndex == index));
if (credentialProvider != null) {
spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.SIGNING, this.credentialProvider.getKeyInfo()));
spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.ENCRYPTION, this.credentialProvider.getKeyInfo()));
}
return spDescriptor;
}
Also used :
SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor)
SAMLObjectBuilder(org.opensaml.saml.common.SAMLObjectBuilder)
RequestInitiator(org.opensaml.saml.ext.saml2mdreqinit.RequestInitiator)
Extensions(org.opensaml.saml.saml2.metadata.Extensions)
Example 4 with Extensions
use of org.opensaml.saml.saml2.metadata.Extensions in project spring-security by spring-projects.
the class OpenSamlMetadataAssertingPartyDetailsConverter method signingMethods.
private List<SigningMethod> signingMethods(IDPSSODescriptor idpssoDescriptor) {
Extensions extensions = idpssoDescriptor.getExtensions();
List<SigningMethod> result = signingMethods(extensions);
if (!result.isEmpty()) {
return result;
}
EntityDescriptor descriptor = (EntityDescriptor) idpssoDescriptor.getParent();
extensions = descriptor.getExtensions();
return signingMethods(extensions);
}
Also used :
EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor)
Extensions(org.opensaml.saml.saml2.metadata.Extensions)
SigningMethod(org.opensaml.saml.ext.saml2alg.SigningMethod)
Example 5 with Extensions
use of org.opensaml.saml.saml2.metadata.Extensions in project cas by apereo.
the class SamlIdPSingleLogoutRedirectionStrategy method supports.
@Override
public boolean supports(final RequestContext context) {
val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
val registeredService = WebUtils.getRegisteredService(request);
if (registeredService instanceof SamlRegisteredService) {
val logout = configurationContext.getCasProperties().getAuthn().getSamlIdp().getLogout();
val samlRegisteredService = (SamlRegisteredService) registeredService;
val sloRequest = WebUtils.getSingleLogoutRequest(request);
val async = new AtomicBoolean(false);
if (StringUtils.isNotBlank(sloRequest)) {
async.set(getLogoutRequest(request).map(RequestAbstractType::getExtensions).stream().filter(Objects::nonNull).anyMatch(extensions -> !extensions.getUnknownXMLObjects(Asynchronous.DEFAULT_ELEMENT_NAME).isEmpty()));
}
return logout.isSendLogoutResponse() && samlRegisteredService != null && samlRegisteredService.isLogoutResponseEnabled() && sloRequest != null && !async.get();
}
return false;
}
Also used :
lombok.val(lombok.val)
MessageContext(org.opensaml.messaging.context.MessageContext)
RandomUtils(org.apereo.cas.util.RandomUtils)
SneakyThrows(lombok.SneakyThrows)
RequiredArgsConstructor(lombok.RequiredArgsConstructor)
LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse)
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
StringUtils(org.apache.commons.lang3.StringUtils)
XMLObjectSupport(org.opensaml.core.xml.util.XMLObjectSupport)
RequestContext(org.springframework.webflow.execution.RequestContext)
SamlUtils(org.apereo.cas.support.saml.SamlUtils)
LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest)
StatusCode(org.opensaml.saml.saml2.core.StatusCode)
FunctionUtils(org.apereo.cas.util.function.FunctionUtils)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
SerializeSupport(net.shibboleth.utilities.java.support.xml.SerializeSupport)
LogoutRedirectionStrategy(org.apereo.cas.logout.LogoutRedirectionStrategy)
CollectionUtils(org.apereo.cas.util.CollectionUtils)
SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants)
SingleLogoutService(org.opensaml.saml.saml2.metadata.SingleLogoutService)
lombok.val(lombok.val)
RequestAbstractType(org.opensaml.saml.saml2.core.RequestAbstractType)
SamlIdPUtils(org.apereo.cas.support.saml.SamlIdPUtils)
SamlProtocolConstants(org.apereo.cas.support.saml.SamlProtocolConstants)
Objects(java.util.Objects)
SamlProfileHandlerConfigurationContext(org.apereo.cas.support.saml.web.idp.profile.SamlProfileHandlerConfigurationContext)
Slf4j(lombok.extern.slf4j.Slf4j)
Asynchronous(org.opensaml.saml.ext.saml2aslo.Asynchronous)
SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)
Optional(java.util.Optional)
EncodingUtils(org.apereo.cas.util.EncodingUtils)
WebUtils(org.apereo.cas.web.support.WebUtils)
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
RequestAbstractType(org.opensaml.saml.saml2.core.RequestAbstractType)
Objects(java.util.Objects)
Aggregations
Extensions (org.opensaml.saml.saml2.metadata.Extensions)4
Optional (java.util.Optional)2
lombok.val (lombok.val)2
SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)2
SAMLObjectBuilder (org.opensaml.saml.common.SAMLObjectBuilder)2
EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor)2
SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor)2
HashMap (java.util.HashMap)1
List (java.util.List)1
Map (java.util.Map)1
Objects (java.util.Objects)1
AtomicBoolean (java.util.concurrent.atomic.AtomicBoolean)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
EqualsAndHashCode (lombok.EqualsAndHashCode)1
Getter (lombok.Getter)1
RequiredArgsConstructor (lombok.RequiredArgsConstructor)1
Setter (lombok.Setter)1
SneakyThrows (lombok.SneakyThrows)1
ToString (lombok.ToString)1
Slf4j (lombok.extern.slf4j.Slf4j)1
